The war against cybercrime now rages at the app layer: F5
By Benjamin Cher June 30, 2016
- Attackers bypassing traditional defences completely
- DDoS and man-in-the-middle attacks coming via apps
CYBERCRIMINALS always look for the weakest link, and these days, it is increasingly those apps we all love to use, says one security expert.
The proliferation of apps and smart devices has opened up a new avenue for cybercriminals to bypass the traditional layers that have largely been secured, according to Mohan Veloo, vice president of Systems Engineering at F5 Networks.
“There are more than four million applications right now on the Internet, and all these applications have one thing in common: They have to communicate, either with each other or with backend information stored on the cloud or a datacentre, and they have to go through the network,” he says.
Security has traditionally been focused on the lower layers of the network stack and not much has been invested in Layer 7, or the application layer, according to Mohan, speaking to Digital News Asia (DNA) in Singapore recently.
“Now with the plethora of applications, and the fact that anyone can write an app, attacks have started focusing on the application layer because it is least invested in terms of protection,” he says.
Attacks at the application layer can range from the simple to the sophisticated – an example of a simple one would be a Distributed Denial-of-Service (DDoS) attack.
“The traditional DDoS attack that everyone knows about is when an attacker sends a huge amount of data to overwhelm a server, which typically happens at the lower layers,” says Mohan.
“A Layer 7 DDoS attack is a little more complicated and difficult to detect because it mimics human behaviour – an example of that could be someone going to your website and downloading a document, which is something any human could do.
“But if you do it a million times a second, it could either mean your article is really popular or it is a DDoS attack,” he adds.
The more sophisticated attacks usually come via malware, an example of which would be so-called man-in-the-middle attacks.
“The first thing the attacker needs to do is to get malware onto your device,” says Mohan.
While many enterprises spend a lot of money to secure their networks and applications, they tend to neglect devices like employees’ personal smartphones or tablets.
“The challenge here is that they have no control over the device,” he says, adding that employees freely download shady attachments or documents off the web, and these can contain a hidden malware payload.
Such malware then ‘sits’ between a user and his device and, as the user accesses his bank account, for example, intercepts that information and sends it to a command and control (C&C) server.
“The banks will think it is you accessing your account,” says Mohan.
With such threats floating around, his advice is to secure your device with an antivirus and keep up to date with patches.